package org.example.controller;

import org.example.bean.entity.User;
import org.springframework.security.access.annotation.Secured;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.servlet.ModelAndView;

/**
 * @program: example-spring-boot-extend
 * @description:
 * @author: Chenjiabin
 * @create: 2019/4/10 18:01
 **/
@Controller
@RequestMapping("method")
public class MethodController {
    @Secured({"ROLE_ADMIN"})
    @RequestMapping("save")
    public Object save(User user) {
        return new ModelAndView("admin/save", "data", user);
    }

    @PreAuthorize("hasRole('USER') or hasRole('ADMIN')")
    @RequestMapping("read")
    public Object read(User user) {
        return new ModelAndView("admin/read", "data", user);
    }
}
